Hi, On Tue, Aug 06, 2024 at 06:15:28PM +0100, Nick Hilliard wrote:
Rob Evans wrote on 06/08/2024 17:48:
I believe it is pretty common to rate-limit based on the /32 for IPv4 and the /64 for IPv6, this isn???t something the NCC has invented.
the rationale for /64 is that ipv6 privacy addresses will cause the source IP address to change for each successive query, i.e. on a standard SLAAC
Uh, when did *this* happen? I see privacy addresses change "every few hours" and "on reconnect", but not for every single connect (tested from MacOS and Linux, curling http://v6only.v6.de/ip.html 10 times in sequence, no change in IPv6 address displayed). If this happens on mobile phones (which are known to do funny things), the point is a bit moot for the discussion here... Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Ingo Lalla, Karin Schuler, Sebastian Cler Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279